<?php
/*
* StiPHPcms, A web Content management System made with PHP/MySQL
* JordSti : jord52@gmail.com
* Version : 0.0.1
*
* Copyright (C) 2009  jord52@gmail.com
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
*/

class Module {
	private $cms_page;
	public $name;
	public $version;
	public $author;
	
	public function __construct($cms_page)
	{
		$this->cms_page = $cms_page;
		$this->name = "News (STI)";
		$this->version = "0.0.1";
		$this->author= "StiTeam";
	}
	
	public function run()
	{
		if(!$this->cms_page->isSettingExist("news_max_per_page"))
		{
			$this->install();
		}
		
		if(isset($_GET['t']))
		{
			$task = $_GET['t'];
		}
		else
		{
			$task = 'default';
		}
		
		if($task=='default')
		{
			$this->cms_page->renderHeader($this->cms_page->lang['news_news']);
			$this->cms_page->renderMenu();
			$this->rankBar();	
			$this->newsPage();
		}
		else if($task=='view')
		{	
			$this->viewNews();
		}
		else if($task=='postcomment')
		{
			$this->postComment();
		}
		else if($task=='postnews')
		{
			$this->postNews();
		}
		else if($task=='write')
		{
			$this->writeNews();
		}
		else if($task=='allnews')
		{
			$this->newsList();
		}
		else if($task=='editnews')
		{
			$this->newsEdit();
		}
		else if($task=='savenews')
		{
			$this->saveNews();
			$this->newsList();
		}
		else if($task=='delcom')
		{
			$this->deleteComment();
		}
		else
		{
			$this->cms_page->error('','index.php');
		}
		
	}
	
	public function writeNews()
	{
		$this->newsPostRank();
		
		$newsform = '<form method="post" action="mod.php?mod=news&t=postnews">
			<fieldset>
			<legend>'.$this->cms_page->lang['news_form'].'</legend>
			<p><label for="title">'.$this->cms_page->lang['news_title'].' : </label><input type="text" name="title" id="title" tabindex="10" /></p>
			<p><label for="content">'.$this->cms_page->lang['news_textarea'].' : <br /></label>
			<textarea name="content" id="content" cols="55" rows="25"></textarea>
			</p>
			<p><input type="submit" value="'.$this->cms_page->lang['news_send'].'"/></p>
		
			</fieldset>
		
			</form>';
		
		$this->cms_page->renderHeader($this->cms_page->lang['news_form']);
		$this->cms_page->renderMenu();
		$this->cms_page->template->addFrame("",$newsform);
	}
	
	public function postNews()
	{
		$this->newsPostRank();
		
		if(!isset($_POST['title']))
		{
			$this->cms_page->error('','index.php');
		}
		
		$title = htmlentities($_POST['title']);
		$title = mysql_real_escape_string($title);
		
		$content = htmlentities($_POST['content']);
		$content = mysql_real_escape_string($content);
		
		$user_id = $_SESSION['user_id'];
		$stamp = time();
		
		$this->cms_page->sql_query("INSERT INTO %prefix%news VALUES('','$title','$content',$stamp,$user_id,0)");
		
		$this->cms_page->renderHeader($this->cms_page->lang['news_form']);
		$this->cms_page->renderMenu();
		$this->cms_page->template->addHTML('<h4>'.$this->cms_page->lang['news_posted'].'</h4>');
	}
	
	public function postComment()
	{
		$this->newsidVerification();
		
		$nid = $_GET['nid'];
		
		if($this->cms_page->getUserRank() >= $this->cms_page->settings['news_rank_to_comment'])
		{
			if(!isset($_POST['comment']))
			{
				$this->cms_page->error('','index.php');
			}
			
			$stamp = time();
			$comment = $_POST['comment'];
			$comment = htmlentities($comment);
			$comment = mysql_real_escape_string($comment);
			
			$user_id = $_SESSION['user_id'];
			
			$this->cms_page->sql_query("INSERT INTO %prefix%newscomment VALUES('',$nid,'$comment',$stamp,$user_id)");
			
			header("location: mod.php?mod=news&t=view&nid=$nid");
			
			
		}
		else
		{
			$this->cms_page->error($this->cms_page->lang['right_error']);
		}
	}
	
	public function viewNews()
	{
		$this->newsidVerification();
		
		$nid = $_GET['nid'];
		
		$dt = $this->cms_page->sql_query("SELECT n.id,n.title,n.content,n.timestamp,n.user_id,u.username FROM %prefix%news n JOIN %prefix%users u ON(n.user_id=u.id) WHERE n.id=$nid");
		if(mysql_num_rows($dt)==0)
		{
			$this->cms_page->error('','index.php');
		}
			
		$data = mysql_fetch_array($dt);
		
		$this->cms_page->renderHeader($data['title']);
		$this->cms_page->renderMenu();
		
		$news_id = $data['id'];
		$date_author = '<p>'.$this->cms_page->lang['news_posted_by'].' <a href="profile.php?pid='.$data['user_id'].'">'.$data['username'].'</a> - <em>'.date($this->cms_page->lang['dateformat'],$data['timestamp']).'</em><p>';

		require_once("core/sticode.php");
	
		$content = '<p>'.parseStiCode($data['content']).'</p>'.$date_author;
		$this->cms_page->template->addFrame($data['title'],$content);
		
		$dt = $this->cms_page->sql_query("SELECT c.id,c.user_id,c.content,c.timestamp,u.username,p.avatar FROM %prefix%newscomment c RIGHT JOIN %prefix%users u ON(c.user_id=u.id) RIGHT JOIN %prefix%profiles p ON(c.user_id=p.user_id) WHERE c.news_id=$nid ORDER BY c.id DESC");
		
		if($this->cms_page->getUserRank() >= $this->cms_page->settings['news_rank_to_comment'])
		{

			$comment = '<form method="post" action="mod.php?mod=news&t=postcomment&nid='.$news_id.'">
			<fieldset>
			<legend>'.$this->cms_page->lang['news_comment_form'].'</legend>
			<p><label for="comment">'.$this->cms_page->lang['news_comment_textarea'].' : <br /></label>
			<textarea name="comment" id="comment" cols=30 rows=5></textarea>
			</p>
			<p><input type="submit" value="'.$this->cms_page->lang['news_send'].'"/></p>
		
			</fieldset>
		
			</form>';
		}
		else
		{
			$comment = "";
		}
		require_once("core/profile.php");
		
		$comment .= '<table width="80%">';
		
		$rowclass = "row01";
		while($data = mysql_fetch_array($dt))
		{
			$comment .= '<tr class='.$rowclass.'>
			<td>'.ShowAvatar($data['avatar'],$this->cms_page->settings).'</td>
			<td>'.parseStiCode($data['content']).'</td>
			</tr><tr>
			<td><a href="profile.php?pid='.$data['user_id'].'">'.$data['username'].'</a></td>
			<td>'.date($this->cms_page->lang['dateformat'],$data['timestamp']).$this->commentModerationLink($data['id']).'</td>
			</tr>';
				
			if($rowclass=="row01")
			{
				$rowclass="row02";
			}
			else
			{
				$rowclass="row01";
			}
			
		}
		
		
		$this->cms_page->template->addFrame("",$comment.'</table>');
	
	}
	
	public function commentModerationLink($comment_id)
	{	
		$html = "";
		if($this->cms_page->getUserRank() >= $this->cms_page->settings['news_rank_to_moderate'])
		{
			$html .= ' | <a href="mod.php?mod=news&t=delcom&cid='.$comment_id.'">'.$this->cms_page->lang['delete'].'</a>';
			
		}
		
		return $html;
	}
	
	public function deleteComment()
	{
		
		$this->newsModerateRank();
		
		if(isset($_GET['cid']))
		{
			if(!is_numeric($_GET['cid']))
			{
				$this->cms_page->error('','index.php');
			}
		}
		else
		{
			$this->cms_page->error('','index.php');
		}
		
		$comment_id = $_GET['cid'];
		
		$this->cms_page->sql_query("DELETE FROM %prefix%newscomment WHERE id=$comment_id");
		
		header('location: mod.php?mod=news');
	}
	
	public function newsPage()
	{
		require_once("core/sticode.php");
		$news_max_per_page = $this->cms_page->settings['news_max_per_page'];
		$dt = $this->cms_page->sql_query("SELECT n.id,n.title,n.content,n.timestamp,n.user_id,u.username,COUNT(c.id) c_count FROM %prefix%news n LEFT JOIN %prefix%newscomment c ON(n.id=c.news_id) JOIN %prefix%users u ON(n.user_id=u.id) WHERE n.status=1 GROUP BY n.id ORDER BY n.id DESC");

		while($data=mysql_fetch_array($dt))
		{
			$date_author = '<p>'.$this->cms_page->lang['news_posted_by'].' <a href="profile.php?pid='.$data['user_id'].'">'.$data['username'].'</a> - <em>'.date($this->cms_page->lang['dateformat'],$data['timestamp']).'</em><p>';
			
			$content = '<p>'.parseStiCode($data['content']).'</p>'.$date_author.'<p><a href="mod.php?mod=news&t=view&nid='.$data['id'].'">'.$data['c_count'].' '.$this->cms_page->lang['news_comments'].'</a></p>';
			$this->cms_page->template->addFrame($data['title'],$content);
		}
		
	}
	
	public function newsList()
	{
		$this->newsModerateRank();
		$dt = $this->cms_page->sql_query("SELECT n.id,n.title,n.timestamp,n.status,u.username FROM %prefix%news n JOIN %prefix%users u ON n.user_id = u.id  ORDER BY n.id DESC");
		
		$html = '<table width="90%">
		<tr class="rowhead">
		<td>#</td>
		<td>'.$this->cms_page->lang['news_title'].'</td>
		<td>'.$this->cms_page->lang['news_posted_by'].'</td>
		<td>-</td>
		<td>-</td>
		<td>-</td>
		</tr>';
		
		$rowclass = "row01";
		while($data = mysql_fetch_array($dt))
		{
			if($data['status']==1)
			{
				$status = $this->cms_page->lang['news_public'];
			}
			else
			{
				$status = $this->cms_page->lang['news_private'];	
			}
			
			$html .= '<tr class='.$rowclass.'>
			<td>'.$data['id'].'</td>
			<td>'.$data['title'].'</td>
			<td>'.$data['username'].'</td>
			<td>'.date($this->cms_page->lang['dateformat'],$data['timestamp']).'</td>
			<td>'.$status.'</td>
			<td><a href="mod.php?mod=news&t=editnews&nid='.$data['id'].'">'.$this->cms_page->lang['edit'].'</a></td>
			</tr>';
			
			
			if($rowclass=='row01')
			{
				$rowclass = 'row02';
			}
			else
			{
				$rowclass = 'row01';
			}
		}
		
		$html .= '</table>';
		
		$this->cms_page->renderHeader($this->cms_page->lang['news_moderation']);
		$this->cms_page->renderMenu();
		
		$this->cms_page->template->addFrame('',$html);

		
	}
	
	public function newsEdit()
	{
		$this->newsModerateRank();
		
		if(isset($_GET['nid']))
		{
			if(!is_numeric($_GET['nid']))
			{
				$this->cms_page->error('','index.php');
			}
		}
		else
		{
			$this->cms_page->error('','index.php');
		}
		
		$news_id = $_GET['nid'];
		
		$dt = $this->cms_page->sql_query("SELECT * FROM %prefix%news WHERE id=$news_id");
		
		$data = mysql_fetch_array($dt);
		
		if($data['status']==1)
		{
			$public_select = 'selected="selected"';
		}
		else
		{
			$private_select = 'selected="selected"';
		}
		
		$newsform = '<form method="post" action="mod.php?mod=news&t=savenews">
		<fieldset>
		<legend>'.$this->cms_page->lang['news_form'].'</legend>
		<p><label for="title">'.$this->cms_page->lang['news_title'].' : </label><input type="text" name="title" id="title" tabindex="10" value="'.$data['title'].'" /></p>
		<p><label for="content">'.$this->cms_page->lang['news_textarea'].' : <br /></label>
		<textarea name="content" id="content" cols="55" rows="25">'.$data['content'].'</textarea>
		</p>
		<p><label for="status">'.$this->cms_page->lang['news_visibility'].' : </label><select name="status" id="status">
    <option value="0" '.$private_select.'>'.$this->cms_page->lang['news_private'].'</option>
    <option value="1" '.$public_select.'>'.$this->cms_page->lang['news_public'].'</option></select></p>
		<p><input type="submit" value="'.$this->cms_page->lang['save'].'"/></p>
		<input type="hidden" name="nid" value="'.$data['id'].'"/>
		<p>'.date($this->cms_page->lang['dateformat']).'</p>
		</fieldset>
		
		</form>';
		
		$this->cms_page->renderHeader($data['title']);
		$this->cms_page->renderMenu();
		
		$this->cms_page->template->addFrame('',$newsform);
	}
	
	public function saveNews()
	{

		if(isset($_POST['nid']))
		{
			if(!is_numeric($_POST['nid']))
			{
				$this->cms_page->error('','index.php');
			}
		}
		else
		{
			$this->cms_page->error('','index.php');
		}
		
		$news_id = $_POST['nid'];
		
		$title = htmlentities($_POST['title']);
		$title = mysql_real_escape_string($title);
		
		$content = htmlentities($_POST['content']);
		$content = mysql_real_escape_string($content);
		$status = $_POST['status'];
		$stamp = time();
		
		$this->cms_page->sql_query("UPDATE %prefix%news SET title='$title',content='$content',timestamp=$stamp,status=$status WHERE id=$news_id");

	}
	
	public function rankBar()
	{
		$link = array();
		if($this->cms_page->getUserRank() >= $this->cms_page->settings['news_rank_to_moderate'])
		{
			$link['View all news'] = "mod.php?mod=news&t=allnews";
		}
		
		if($this->cms_page->getUserRank() >= $this->cms_page->settings['news_rank_to_post'])
		{
			$link['Write a news'] = "mod.php?mod=news&t=write";
		}
		
		$html = '<div class="news_bar">';
		
		foreach($link as $name => $url)
		{
			$html .= '<a href="'.$url.'">'.$name.'</a> | ';
		}
		
		$html .= '</div>';
		
		$this->cms_page->template->addHTML($html);
		
	}
	
	public function newsPostRank()
	{
		if($this->cms_page->getUserRank() < $this->cms_page->settings['news_rank_to_post'])
		{
			$this->cms_page->error($this->cms_page->lang['right_error']);
		}
	}
	
	public function newsModerateRank()
	{
		if($this->cms_page->getUserRank() < $this->cms_page->settings['news_rank_to_moderate'])
		{
			$this->cms_page->error($this->cms_page->lang['right_error']);
		}
	}
	
	public function newsidVerification()
	{
		if(isset($_GET['nid']))
		{
			if(!is_numeric($_GET['nid']))
			{
				$this->cms_page->error('','index.php');
			}
		}
		else
		{
			$this->cms_page->error('','index.php');
		}
	}
	
	public function install()
	{
		$this->cms_page->addSetting("news_max_per_page",10);
		$this->cms_page->addSetting("news_rank_to_comment",1);
		$this->cms_page->addSetting("news_rank_to_post",50);
		$this->cms_page->addSetting("news_rank_to_moderate",120);
		
		$this->cms_page->addLangEntry("news_news","News");
		$this->cms_page->addLangEntry("news_form","Write a news");
		$this->cms_page->addLangEntry("news_posted_by","Posted By");
		$this->cms_page->addLangEntry("news_comments","comment(s) on this news !");
		$this->cms_page->addLangEntry("news_comment_form","Write a comment");
		$this->cms_page->addLangEntry("news_comment_textarea","Comment");
		$this->cms_page->addLangEntry("news_textarea","Text");
		$this->cms_page->addLangEntry("news_title","Title");
		$this->cms_page->addLangEntry("news_posted","Your news has been posted");
		$this->cms_page->addLangEntry("news_send","Send");
		$this->cms_page->addLangEntry("news_public","Public");
		$this->cms_page->addLangEntry("news_private","Private");
		$this->cms_page->addLangEntry("news_moderation","News moderation");
		$this->cms_page->addLangEntry("news_visibility","Visibility");
		$this->cms_page->saveLangFile();
		
		$this->cms_page->sql_query("CREATE TABLE `%prefix%news` (`id` int(25) NOT NULL AUTO_INCREMENT,`title` varchar(255) NOT NULL,`content` text NOT NULL,`timestamp` int(25) NOT NULL,`user_id` int(25) NOT NULL,`status` int(2) NOT NULL,PRIMARY KEY (`id`)) TYPE=MyISAM ;");
		$this->cms_page->sql_query("CREATE TABLE `%prefix%newscomment` (`id` int(25) NOT NULL AUTO_INCREMENT,`news_id` int(25) NOT NULL,`content` text NOT NULL,`timestamp` int(25) NOT NULL,`user_id` int(25) NOT NULL,PRIMARY KEY (`id`)) TYPE=MyISAM ;");
		
	}
	
}

class AdminModule {
	private $cms;
	
	public function __construct($cms)
	{
		$this->cms = $cms;
	}
	
	public function run()
	{
		$this->cms->error('No admin class for news, just use moderator link');
	}
}

?>